-= Per source details. Do not edit below this line.=-
The package @zuora-marketing/linting was found to contain malicious code.
The OpenSSF Package Analysis project identified '@zuora-marketing/linting' @ 5.1.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
{
"malicious-packages-origins": [
{
"versions": [
"5.1.0"
],
"sha256": "02e59dfc0bb58f27949258caefffd5c13d5c3af111b8c069edf5ea6e0e985f22",
"modified_time": "2026-01-08T15:40:55Z",
"source": "ossf-package-analysis",
"import_time": "2026-01-08T15:41:30.366112511Z"
},
{
"versions": [
"6.1.1"
],
"sha256": "6ac2fac151a4dc27d6767c679c92664cbd80bdd566ae85b259a46155e73596f3",
"modified_time": "2026-01-08T18:27:59Z",
"source": "ossf-package-analysis",
"import_time": "2026-01-08T18:45:03.309095836Z"
},
{
"versions": [
"5.1.0",
"6.1.1"
],
"sha256": "ddcfd1151af868e694a4a79307ce1284331ad88b8ff631651f3fd2c47fbf342a",
"modified_time": "2026-01-15T21:43:07Z",
"source": "amazon-inspector",
"import_time": "2026-01-15T22:07:42.096674975Z"
}
]
}